Claude code will send your data to crims ... if they ask it nicely

"The exploit hijacks Claude and follows the adversaries instructions to grab private data, write it to the sandbox, and then calls the Anthropic File API to upload the file to the attacker's account ...
The Hacker News

âš¡ Weekly Recap: WSUS Exploited, LockBit 5.0 Returns, Telegram Backdoor, F5 Breach Widens

Active WSUS exploits, LockBit 5.0’s comeback, a Telegram backdoor, and F5’s hidden breach — this week’s biggest cyber threats ...

Tray.ai Launches New Agent Gateway to Mitigate Shadow MCP Risk and Move Organizations to Managed and Approved MCP Tools

Gives IT power to develop approved MCP Tools on Tray with policies, permissions, versioning and compliance, then publish them ...